<?php


class My_Acl{
    private $_request;
    private $_auth;
    public $_helperRedirector;
    
    public function __construct(){
       
        
        $this->_request = Zend_Controller_Front::getInstance()->getRequest();
        
        $auth = Zend_Auth::getInstance();
        $auth->setStorage(new Zend_Auth_Storage_Session(SESSION_NAMESPACE)); 
        $this->_auth = $auth;
        
        $this->_helperRedirector = new Zend_Controller_Action_Helper_Redirector();
    }
    // check user đã đăng nhập
    public function hasIdentity(){
        if(!$this->_auth->hasIdentity()){
            return false;
        }
        
        $authInfo = $this->_auth->getIdentity();
        $modelUser = new Default_Model_User();
        $userCheck = $modelUser->getDataById($authInfo['userId']);
        if($userCheck['sessionId'] != session_id()){
            $this->_auth->clearIdentity();
            return false;
        }
        
        return $this->_auth;
    }
    
    // kiem tra user duoc quyen truy cap tinh nang nay ko
    public function checkAllowed($request = null){
        if(!$this->_auth->hasIdentity()){
            $this->_helperRedirector->gotoUrl('/default/auth/login');
            exit;
        }
        $authInfo       = $this->_auth->getIdentity();
       
        $params         = $this->_request->getParams(); 

      
        $dataResource['moduleName']     = $this->_request->getModuleName();
        $dataResource['controllerName'] = $this->_request->getControllerName();
        $dataResource['actionName']     = $this->_request->getActionName();
    
        if(isset($request['moduleName']) && $request['moduleName']){
            $dataResource['moduleName'] = $request['moduleName'];
        }
        if(isset($request['controllerName']) && $request['controllerName']){
            $dataResource['controllerName'] = $request['controllerName'];
        }
        if(isset($request['actionName']) && $request['actionName']){
            $dataResource['actionName'] = $request['actionName'];
        }
        $modelResource  = new Admin_Model_Resource();
        $resourceCheck  = $modelResource->getData($dataResource); 
        if(!isset($resourceCheck[0])){
            return false;
//            $this->_helperRedirector->gotoUrl('/default/mess/index/type/access_denied');
//            exit;
        }
        
        $dataRole['adminId']     = $authInfo['adminId'];
        $dataRole['resourceId'] = $resourceCheck[0]['resourceId'];
       
        $modelRole      = new Admin_Model_Role();
        $checkAllowed   = $modelRole->getData($dataRole);
        if(!$checkAllowed){
            return false;
        }
        return $authInfo;
    }
    
    // danh sach quyen cua user
    public function listAllowed(){
        if(!$this->_auth->hasIdentity()){
            $this->_helperRedirector->gotoUrl('/default/auth/login');
            exit;
        }
        $authInfo       = $this->_auth->getIdentity();
        
        $params         = $this->_request->getParams();
        
        $dataRole['adminId']     = $authInfo['adminId'];
       
        $modelRole      = new Admin_Model_Role();
        $listAllowed    = $modelRole->getData($dataRole);
        if(!$listAllowed){
            return false;
        }
       
        return $listAllowed;
    }
    
    // danh sach quyen chuc nang cua user
    public function listResourceAllowed(){
        if(!$this->_auth->hasIdentity()){
            $this->_helperRedirector->gotoUrl('/default/auth/login');
            exit;
        }
        $authInfo       = $this->_auth->getIdentity();
       
        $params         = $this->_request->getParams();
    
       
        $dataRole['adminId']     = $authInfo['adminId'];
     
        $modelRole      = new Admin_Model_Role();
        $listAllowed    = $modelRole->getData($dataRole);
        if(!$listAllowed){
            return false;
        }
        $listResource           = array();
        foreach($listAllowed as $row){
            $listResource[] = json_decode($row['resourceId'],true);
        }
        $modelResource  = new Admin_Model_Resource();
        $listResource = $modelResource->getData(array('resourceList'=>$listResource));
        
        return $listResource;
    }
    
    // chua su dung
    
    
    //logout tool 
    public static function logout($sessNamespace = null){
        if(!$sessNamespace){
            $sessNamespace = SESSION_NAMESPACE;
        }
        $auth = Zend_Auth::getInstance()->setStorage(new Zend_Auth_Storage_Session($sessNamespace));
        if($auth->hasIdentity()){
            $auth->clearIdentity();
            return true;
        }
        return false;
    }
    
    
    
}
